[yocto] [meta-selinux][PATCH 0/1] refpolicy: Allow ping to get/set capabilities
wenzong.fan at windriver.com
wenzong.fan at windriver.com
Mon Jan 27 23:54:28 PST 2014
From: Wenzong Fan <wenzong.fan at windriver.com>
When ping is installed with capabilities instead of being marked setuid,
then the ping_t domain needs to be allowed to getcap/setcap.
This patch was backported from upstream.
The following changes since commit 271955d346f305b196f069d9dc46db16c43678de:
refpolicy: fix real path for swapoff (2014-01-28 15:20:19 +0800)
are available in the git repository at:
git://git.pokylinux.org/poky-contrib wenzong/fix-ping
http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/fix-ping
Wenzong Fan (1):
refpolicy: Allow ping to get/set capabilities
.../Allow-ping-to-get-set-capabilities.patch | 32 ++++++++++++++++++++
.../refpolicy/refpolicy_2.20130424.inc | 4 +++
2 files changed, 36 insertions(+)
create mode 100644 recipes-security/refpolicy/refpolicy-2.20130424/Allow-ping-to-get-set-capabilities.patch
--
1.7.9.5
More information about the yocto
mailing list